The following is blocking the ability for me to install a CA replica.
On the master the following is happening:
Number of certificates and requests being tracked: 5.
(but it shows no certificate details in the output)
Running "getcert list" shows complete output.
Also, when trying to browse https://master.mydomain.com/ca/ee/ca/getCertChain i
get a failed response. The apache error logs on the master show....
[Thu Feb 19 23:23:23 2015] [error] SSL Library Error: -12271 SSL client cannot
verify your certificate
The reason I am trying to browse that address is because that's what the
ipa-ca-install setup is failing at (it complains that the CA certificate is not
in proper format, in fact it's not able to get it at all).
I know from another working ipa setup that ....
Browsing to the above address provides valid xml content and ipa-getcert list
shows certificate details and not just the number of tracked certificates.
Been trying for a long time to figure out the issues without luck.
I would greatly appreciate any help to troubleshoot and resolve the above
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project